>Date: Sat, 9 Oct 1999 11:22:02 +0100
>From: Antonomasia <ant_at_NOTATLA.DEMON.CO.UK>
>Subject: 2 dodgy network programs
>
>I was just visiting http://www.echelon.wiretapped.net and downloaded a
>small file called "tcplog.c" with no author or version stated. It is for
>logging connections to your box (linux only).
>
>There are some minor coding gripes I could make, but line 107
>takes a risk with the size of a hostname
Just for the purpose of noting the original source of the file (I operate
the WireTapped site), this particular file came from:
ftp://ftp.technotronic.com/unix/protocol-loggers/tcplog.c
Short of actually removing the file, I've added this information and a
cautionary note of the problem at line 107 to the file on wiretapped.net
>Also I want to mention DeleGate-5.9.3 (at www.echelon.wiretapped.net and
>elsewhere, in versions for Linux, AIX etc).
>Luc Stepniewski <lstep_at_mail.dotcom.fr> drew attention to this in April
>1999
>for having very many string operations without bounds checking.
>Although I made it dump core
The home page for this is at:
http://wall.etl.go.jp/delegate/
Having seen this posting, I've now updated the DeleGate file on WireTapped
to 5.9.5, the current version:
http://the.wiretapped.net/security/firewalls/delegate5.9.5.tar.gz
Hope this adequately addresses the problems you've raised,
Grant
_______________________________________________________
Grant Bayley gbayley_at_ausmac.net
- IT Manager, Batey Kazoo (www.kazoo.com.au)
- Administrator, The AusMac Archive (www.ausmac.net)
- Webmaster/Organiser, 2600 Australia (www.2600.org.au)
_______________________________________________________
Received on Oct 11 1999
Intro
